Type: Science & Technology

CH Ask The Cybersecurity Expert Podcast | Cybersecurity Insights #23

In this special Cybersecurity Insights podcast, Josh answers questions about everything from Black Mirror to the definition of resilience.

Q1 | 00:33 | Mac11_59 asked about using blockchain in elections
Using new technologies like blockchain in voting systems relies on having an authoritative identifier. Once government officials are able to validate votes and eliminate the risk of vote tampering, digital innovation in elections will accelerate.

Q2 | 01:36 | Classic_Aspect asked about the cybersecurity skills gap
Organizations need to widen their pool of talent, such as hiring more women. They should also be automating as much as possible so that humans can focus on higher-level, decision-making responsibilities.

Q3 | 02:55 | Japneets asked about the future of IoT
Every IoT device has different requirements for firmware, software, recording apps, and telemetry protocols. The industry needs to undergo a process of normalization, where devices are recognized as computers and corresponding security measures are imposed.

Q4 | 04:19 | Marcom_25Z asked about cybersecurity frameworks
Core standards like NIST CSF, CIS Top 20 Critical Controls, and ISO are important for getting started. Once a framework is in place, it’s much easier to implement the measures you need to reach total resilience.

Q5 | 05:29 | Livlovbee asked how to begin a career in cybersecurity
Start by understanding what characterizes an authentic secure environment. What goes into a policy and configuration? What elements go into making a system resilient? This makes detecting when things go wrong much easier.

Q6 | 07:09 | Dbuster asked if certified employees are flight risks
Not investing in professional development is also a flight risk. Companies need employees with certifications like CEH, CISSP, and CISM to stay ahead, and the majority of employees will stick around – out of appreciation if nothing else.

Q7 | 08:14 | BlackCall asked whether Black Mirror is realistic
To some extent! The topics covered by Black Mirror provoke our thinking and they should encourage cybersecurity professionals to discuss how to deal with increasing digitization. Even online, we need to respect rights like the protection of privacy and identity.

Q8 | 10:39 | SB8791 asked about encryption
Encryption is a foundational control for data protection. It is an act of obfuscation, restricting access unless a key is present. It keeps the unauthorized out and maintains the data security principle: confidentiality, integrity, and availability.

Q9 | 12:54 | RainbowDeer36 asked about security standards
Regulatory bodies like CSPA in California and GDPR in Europe have imposed standards that need to be met. Beyond those, choose one of the core frameworks and look for an industry-specific version.

Q10 | 14:03 | FunkyTurkey asked about risks, vulnerabilities, and threats
Risk is the quantitative measure of the probability of harm. A vulnerability is about the subject and its susceptibility to harm based on identity. Threats are external elements that can enter a system and compromise it.

Q11 | 16:29 | SamEra asked about resilience
Resilience is the ability to bounce back from setbacks, compromises or failures. Failure is inevitable and resilience is about overcoming the natural slide into disorder. Resilient security controls can self-heal to restore what was there before – without human intervention.

Learn more about cyber resilience: https://www.absolute.com?utm_medium=video&utm_source=youtube&utm_campaign=evc


Watch more of the Cybersecurity Insights series:
#15 – Phishing and Malware: Difference between Viruses, Trojans, Worms, and Ransomware: https://www.youtube.com/watch?v=aOy9SQxnHKA&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1
#16 – Zombie Computers, Botnets, and Denial of Service Attacks Explained: https://www.youtube.com/watch?v=r-PRBdsEQZA&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1
#17 – Zero Trust Explained: https://www.youtube.com/watch?v=7Oeo1A5gncQ&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1
#18 – 5 Most Devastating Cyber Attacks: https://www.youtube.com/watch?v=IJc3viPKXk4&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1
#19 – Dealing with IT Complexity: https://www.youtube.com/watch?v=6kvas8uqMuk&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1
#20 – Cybersecurity Skills Gap: https://www.youtube.com/watch?v=h1u-Inoh96Y&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1
#21 – Asset Management – CMDB Reporting vs Asset Intelligence: https://www.youtube.com/watch?v=MRPh3NZRE-k&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1
#22 – K-12 Education 1:1 Program: https://www.youtube.com/watch?v=plA0fPyhAmc&list=PL94KIXDzCxI-D1GRbaHrEjoty_wc7SaIW&index=1

CH Cyber Resilience: Part 1 – What is Cyber Resilience

Part one of our six-part series on Cyber Resilience introduces you to what cyber resilience is and why it is important. Download our FREE green paper ‘An introduction to implementing Cyber Resilience’ here: https://www.itgovernance.co.uk/an-introduction-to-implementing-cyber-resilience

CH Building a resilient cybersecurity strategy for 2019 – Part 1

This ManageEngine webinar series introduces industry best practices to follow in 2019. It discusses the importance of privileged access to critical information and of data loss prevention (DLP) against insider threats. It also highlights the rising significance of Unified Endpoint Security and Management, trends in Log Management, and compliance standards.

CH AI in Cybersecurity Use Cases (AI in Cybersecurity 2)

What are some common use cases of applying AI in Cybersecurity? Bryan Li (Founder, Cyber Tech & Risk) is joined by Tahseen Shabab (Founder & CEO, BiBu Labs) to discuss examples from Enterprise Security, Anomaly Detection in IoT, and Decoys, using techniques such as Clustering, Active Learning, and Bayesian Neural Networks.

This is episode 2 of the “AI in Cybersecurity” series.

The EU Cybersecurity Act enters into force – Interview by ENISA ED, Udo Helmbrecht

A new era for ENISA and cybersecurity in Europe! The EU Cybersecurity Act entered into force on 27 June, setting a new mandate for the EU Agency for Cybersecurity – ENISA and establishing the European cybersecurity certification framework.

Find out more: https://europa.eu/!gc67kf

Video copyright: DG COMM – DG for Communication

CH Medical Device Cybersecurity in Healthcare: Managing Threats and Costs

The Vizient Supply Chain Leadership Series explores how hospitals can work with medical device vendors to develop a cybersecurity program with effective security controls. With cyber attacks targeting a whopping 95% of health care organizations, medical devices offer access and control to would-be attackers, putting patients at great risk, at huge costs to the organization itself.

Next video info: vizientinc.com/Events/2019-05-15-Supply-Chain-Leadership-Series

Features Erick Decker, chief security and privacy officer, University of Chicago Medicine; Greg Garcia, executive director for Cybersecurity, Healthcare Sector Coordinating Council; Kevin McDonald, director, Clinical Information Security, Mayo Clinic; and Molly Zmuda, senior networks director at Vizient, Inc.


BitSight for Security Performance Management

As a security leader, how do you know where to focus your security resources or make the quick strategic decisions your business needs to stay ahead? There are lots of solutions today: threat feeds, vulnerability scanners, maturity frameworks, penetration tests, but how do you know if these tools are actually working? BitSight for Security Performance Management is the first solution that provides maximum visibility into your cybersecurity program’s performance. Powered by BitSight Security Ratings, the largest and most engaged ecosystem worldwide, it monitors both good and bad security practices for more than 160,000 global vendors, giving you the intelligence you need to make defensible, risk-based decisions to drive your business forward. With one unified platform, you can assess your current security state, analyze how your security performance ranks against your industry and peers, and create improvement plans that reduce cyber risk.

With BitSight, you can:
– Create data-driven plans
– Allocate limited resources
– Prioritize efforts
– Prove the measurable impact of your team’s work

Learn more at https://www.bitsight.com/security-performance-management

How to Get Started with Cybersecurity Incident Response

Shearwater’s Chief Technology Officer, Mark Hofman, shares his steps for building an Incident Response Plan to help you take control of a security incident.

Framed around the common and costly Business Email Compromise (BEC) attacks, Mark offers actionable tips on setting up an incident response process and validating your incident response plans.

You will learn about:

What defines an incident and why an incident response plan is crucial

Key elements required to set the scope and success factors of an incident response plan

How to assemble the incident response team, set up roles and delegate responsibilities

How to make sure your plan is current and will evolve over time

Your obligations under the Notifiable Data Breach scheme, privacy laws, and information security compliance requirements

If you’re interested in creating an incident response plan that protects your organisation, then this video is for you.

Should YOU get a Cyber Security Degree? Is it worth it?

#Cybersecurity #Hacking #degree

What’s up #SecurityNinjas!

If you’re considering a degree in Cyber Security, please do the research on the program you’re considering.
Oftentimes schools will advertise their awesome Cyber Security Major, and then it turns out to be a waste of time.

Links to well-recognized Cyber programs:

Cyber Operations:


Cyber Defense – by state:
